Forum Discussion
Ivan_Chernenkii
Aug 11, 2020Employee
Hello Hoang,
- Bots aren't always execute DoS attack to application. They can execute scraping, scalping, skewing, sniping and etc. These attack aren't always connected with high-rate traffic, like mostly in case of DoS. Also, it is good to have functionality to classify bots as good or bad. That is why ASM has these two different solutions: DoS Protection and Bot Defense.
- In case of "Automatic" mode ASM constantly counts baseline threshold, based on incoming traffic, and if baseline threshold is significantly reached, then it detects DoS attack. For more details you can look at https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-13-0-0/1.html.
Thanks, Ivan